Terminus

Terminus, the Pantheon.io command-line interface, allows for sophisticated Pantheon interaction. Terminus helps you to do about everything you would do in the Dashboard in a terminal, and a lot more.

Block IPs in WordPress on Pantheon

This article is about blocking IPs in Pantheon for sites using the WordPress CMS. Prevent unwanted traffic incidents that might result in site outages and billing overages.

Review the nginx-access.log.

Download the nginx-access.log on the LIVE environment. The logs can be accessed using SFTP or by using the provided script from Pantheon’s documentation. Be sure to combine all the logs for a day if the site plan has multiple application containers. Identify the IP that has the highest number of visits and verify it with https://www.abuseipdb.com/

$ cat ~/site-logs/nginx-access.log | awk -F\" '{print $8}' | awk '{print $1}' | sort -n | uniq -c | sort -nr | head -20

Use a WordPress Plugin to Block IPs

Be sure to install the plugin WP Traffic Jammer that can be downloaded at WordPress.org https://wordpress.org/plugins/traffic-jammer. The plugin has a wp-cli command that can be used on a remote wp-cli call using Terminus. It also has a settings page to add a single IP or an IP range.

Block the IP using Terminus.

Use remote wp-cli via terminus to block the IP.

$ terminus wp <sitename>.<env> -- jam block <ip>

To unblock the IP.

$ terminus wp <sitename>.<env> -- jam unblock <ip>

Block the IP on the WordPress Admin Dashboard.

On the Admin Dashboard, you would see the left side menu, click “Traffic Jammer” and add a single IP or IPs, CIDR format can be also used for IP ranges.

Block the IP using a PHP Snippet

Use a PHP snippet that can be added to wp-config.php file. This offers an advantage since it would be triggered before loading all the plugins and themes.

if ( $_SERVER['REMOTE_ADDR'] == '154.84.133.8' ) {
  header( 'HTTP/1.0 403 Forbidden' );
  exit;
}

Terminus 3

What a great way to start a new year with releases, as this is the same for the company offering the best WebOps SAAS (Software as a Service) Platform which is Pantheon. During the last week of December, a new version tag of Terminus has been released, comes version 3.

What is Terminus?

The Terminus command-line interface provides advanced interaction with Pantheon. Terminus enables you to do almost everything in a terminal that you can do in the Pantheon Dashboard, and much more. In practice, some of the features missing on the Dashboard are included in Terminus. Developers can also include in development workflow or as part of a script for deployment using continuous integration.

Operating System Compatibility

As of this writing tested to work on the following platforms

  • MacOS
  • Windows 10 – WSL 2 Ubuntu 20.0
  • Ubuntu 20.0 – this would include Ubuntu under Docker or VirtualBox

Before getting frustrated, included also are the list of platforms that Terminus would not work:

  • Windows 10 – Command Line
  • Windows 10 – Git Bash (MingW)
  • Ubuntu 18.0 and later versions
  • Linux system with coreutils equal to or less than 8.28

Prerequisites Library

  • PHP 7.4 or above
  • PHP Extensions (mbstring, xml, curl, cli)
  • curl
  • git (if you need to include plugins)

Installation

As for the prior version of Terminus, it can be installed in many ways, the new version is limited to work only on the standalone PHAR package. Assuming all the requirements are met. Start the installation on the home folder

cd ~
mkdir ~/terminus && cd ~/terminus 
curl -L https://github.com/pantheon-systems/terminus/releases/download/`curl --silent "https://api.github.com/repos/pantheon-systems/terminus/releases/latest" | perl -nle'print $& while m#"tag_name": "\K[^"]*#g'`/terminus.phar --output terminus
chmod +x terminus
sudo ln -s ~/terminus/terminus /usr/local/bin/terminus

Plugins

The new version of Terminus comes with a plugin manager, installation now can be done using the terminus command

terminus self:plugin:install pantheon-systems/terminus-build-tools-plugin

That would work if the plugin is added to packagist, don’t worry you can add an old plugin by means of adding the path.

terminus self:plugin:install <plugin_name> <path>

To update the latest version of the plugin from packagist:

terminus self:plugin:update <plugin_name>

To remove the plugin:

terminus self:plugin:uninstall <plugin_name>

Installing Terminus on Windows using WSL 2

What is WSL? It stands for Windows Sub System for Linux. A Linux-compatible sub-system without having a need for a virtual machine. Though not entirely compatible that would run all the Linux commands and features it is good enough to install Terminus, the command-line tool from Pantheon.io.

A note of warning, since this instruction would require installing WSL, there is an article from TrendMicro a security flawed attack better read this first to be aware https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/bashware-attack-targets-windows-system-for-linux-wsl .

If you want a secure way, head over to one of the blog posts, Installing Terminus on Windows using a Virtual Machine.

First thing first, install WSL. Open up Powershell as an administrator.

Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux

Restart Windows.

After restarting go to Microsoft Store and search for “Linux”, select “Run Linux on Windows”. Pick Ubuntu and get it.

It would take a while for the installation process, you would be asked to provide a new username and password.

If you got to the Ubuntu shell, install the PHP repository

   sudo add-apt-repository ppa:ondrej/php 

Make sure we are getting all the recently updated software to be installed.

sudo apt-get update

Here are all the necessary libraries that we need.

sudo apt-get install curl php7.4 php7.4-curl php7.4-cli php7.4-mbstring php7.4-xml git unzip 

Install terminus

cd ~

mkdir terminus3

cd terminus3

curl -L https://github.com/pantheon-systems/terminus/releases/download/`curl --silent "https://api.github.com/repos/pantheon-systems/terminus/releases/latest" | perl -nle'print $& while m#"tag_name": "\K[^"]*#g'`/terminus.phar --output terminus

chmod +x terminus

sudo ln -s ~/terminus3/terminus /usr/local/bin/terminus

That’s it enjoy Terminus on Windows.

Installing Terminus on MacOS (Mojave)

This installation process needs to have Homebrew please do install it before doing the following steps. Homebrew installs the stuff you need that Apple did not.

Requirements:

  • Homebrew
  • PHP v7.3
    • php-cli
    • php-curl
    • php-mbstring
    • php-xml
  • Composer

Installation process

We need Homebrew to install the needed programs and libraries

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

After successfully installing Homebrew, it’s time to use ‘brew’ to install PHP

brew install php@7.3

Let’s try to download Composer, using the terminal.

curl -sS https://getcomposer.org/installer -o composer-setup.php
php composer-setup.php --filename=composer
sudo mv composer /usr/local/bin/composer

Then we can easily install Pantheon’s CLI tool, Terminus

composer require pantheon-systems/terminus
sudo ln -s /home/username/vendor/pantheon-systems/terminus/bin/terminus  /usr/local/bin/terminus

you need to replace /home/username with the actual username of the machine.

Then let’s try to authenticate.

terminus auth:login --machine-token=‹machine-token›

That’s it, happy coding.

Installing Terminus on Ubuntu 18.04.4

The Terminus command-line tool of Pantheon.io can easily be installed on Ubuntu 18.04.4 (Bionic Beaver).

Install the dependencies and requirements, since Terminus is written in PHP scripting language, the minimum version requirement 5.6 running it on PHP v7.3 is much faster.

The PHP extensions needed are:

  • curl
  • cli
  • mbstring
  • xml

PHP v7.3

sudo -A add-apt-repository ppa:ondrej/php -y;
sudo apt-get update

Dependencies and Requirements

sudo apt-get install curl php7.3 php7.3-curl php7.3-cli php7.3-mbstring php7.3-xml git unzip -y

Composer (skip if the machine in use has a prior composer installed.)

curl -sS https://getcomposer.org/installer -o composer-setup.php
php composer-setup.php --filename=composer
sudo mv composer /usr/local/bin/composer

Install Terminus via Composer

composer require pantheon-systems/terminus

Then in order that terminus can be executed on all folders, create a symlink that can be accessed.

sudo ln -s /home/vagrant/vendor/pantheon-systems/terminus/bin/terminus  /usr/local/bin/terminus

Test that it is properly installed

terminus -v

Authenticate

terminus auth:login --machine-token=‹machine-token›